Accton Technology ES3528M-SFP User manual

Powered by Accton

www.edge-core.com

Management Guide

ES3528M-SFP

Fast Ethernet Switch

Management Guide

Fast Ethernet Switch

Layer 2 Workgroup Switch

with 24 100BASE-BX (SFP) Ports, 2 1000BASE-T (RJ-45)

and 2 Combination Gigabit (RJ-45/SFP) Ports

ES3528M-SFP

E122007-DG-R01

149100035500A

v

About This Guide

Purpose

This guide gives specific information on how to operate and use the management

functions of the switch.

Audience

The guide is intended for use by network administrators who are responsible for operating

and maintaining network equipment; consequently, it assumes a basic working

knowledge of general switch functions, the Internet Protocol (IP), and Simple Network

Management Protocol (SNMP).

Conventions

The following conventions are used throughout this guide to show information:

Note: Emphasizes important information or calls your attention to related features or

instructions.

Caution: Alerts you to a potential hazard that could cause loss of data, or damage the

system or equipment.

Warning: Alerts you to a potential hazard that could cause personal injury.

Related Publications

The following publication details the hardware features of the switch, including the

physical and performance-related characteristics, and how to install the switch:

The Installation Guide

Also, as part of the switch’s software, there is an online web-based help that describes all

management related features.

Revision History

This section summarizes the changes in each revision of this guide.

November 2007 Revision

This is the second revision of this guide. This guide is valid for software release v1.1.0.7.

vi

i

Contents

Chapter 1: Introduction 1-1

Key Features 1-1

Description of Software Features 1-2

System Defaults 1-6

Chapter 2: Initial Configuration 2-1

Connecting to the Switch 2-1

Configuration Options 2-1

Required Connections 2-2

Remote Connections 2-3

Basic Configuration 2-3

Console Connection 2-3

Setting Passwords 2-4

Setting an IP Address 2-4

Manual Configuration 2-4

Dynamic Configuration 2-5

Enabling SNMP Management Access 2-6

Community Strings (for SNMP version 1 and 2c clients) 2-6

Trap Receivers 2-7

Configuring Access for SNMP Version 3 Clients 2-8

Saving Configuration Settings 2-8

Managing System Files 2-9

Chapter 3: Configuring the Switch 3-1

Using the Web Interface 3-1

Navigating the Web Browser Interface 3-2

Home Page 3-2

Configuration Options 3-3

Panel Display 3-3

Main Menu 3-4

Basic Configuration 3-12

Displaying System Information 3-12

Displaying Switch Hardware/Software Versions 3-13

Displaying Bridge Extension Capabilities 3-15

Setting the Switch’s IP Address 3-16

Manual Configuration 3-17

Using DHCP/BOOTP 3-18

Enabling Jumbo Frames 3-19

Managing Firmware 3-19

Downloading System Software from a Server 3-20

Contents

ii

Saving or Restoring Configuration Settings 3-21

Downloading Configuration Settings from a Server 3-22

Console Port Settings 3-23

Telnet Settings 3-25

Configuring Event Logging 3-28

Displaying Log Messages 3-28

System Log Configuration 3-28

Remote Log Configuration 3-30

Simple Mail Transfer Protocol 3-31

Resetting the System 3-33

Setting the System Clock 3-34

Setting the Time Manually 3-34

Configuring SNTP 3-34

Configuring NTP 3-35

Setting the Time Zone 3-37

Simple Network Management Protocol 3-38

Setting Community Access Strings 3-39

Specifying Trap Managers and Trap Types 3-40

Enabling SNMP Agent Status 3-41

Configuring SNMPv3 Management Access 3-42

Setting the Local Engine ID 3-42

Specifying a Remote Engine ID 3-43

Configuring SNMPv3 Users 3-43

Configuring Remote SNMPv3 Users 3-45

Configuring SNMPv3 Groups 3-46

Setting SNMPv3 Views 3-49

User Authentication 3-51

Configuring User Accounts 3-51

Configuring Local/Remote Logon Authentication 3-53

Configuring Encryption Keys 3-57

AAA Authorization and Accounting 3-58

Configuring AAA RADIUS Group Settings 3-59

Configuring AAA TACACS+ Group Settings 3-59

Configuring AAA Accounting 3-60

AAA Accounting Update 3-62

AAA Accounting 802.1X Port Settings 3-62

AAA Accounting Exec Command Privileges 3-63

AAA Accounting Exec Settings 3-65

AAA Accounting Summary 3-65

Authorization Settings 3-67

Authorization EXEC Settings 3-68

Authorization Summary 3-68

Configuring HTTPS 3-69

Replacing the Default Secure-site Certificate 3-70

Configuring the Secure Shell 3-71

Contents

iii

Configuring the SSH Server 3-74

Generating the Host Key Pair 3-75

Importing User Public Keys 3-76

Configuring Port Security 3-80

Configuring 802.1X Port Authentication 3-81

Displaying 802.1X Global Settings 3-83

Configuring 802.1X Global Settings 3-83

Configuring Port Settings for 802.1X 3-84

Displaying 802.1X Statistics 3-87

Web Authentication 3-88

Configuring Web Authentication 3-89

Configuring Web Authentication for Ports 3-90

Displaying Web Authentication Port Information 3-91

Re-authenticating Web Authenticated Ports 3-92

Network Access – MAC Address Authentication 3-93

Configuring the MAC Authentication Reauthentication Time 3-94

Configuring MAC Authentication for Ports 3-94

Configuring Port Link Detection 3-96

Displaying Secure MAC Address Information 3-97

MAC Authentication 3-98

Configuring MAC authentication parameters for ports 3-98

Access Control Lists 3-99

Configuring Access Control Lists 3-100

Setting the ACL Name and Type 3-100

Configuring a Standard IP ACL 3-101

Configuring an Extended IP ACL 3-102

Configuring a MAC ACL 3-105

Binding a Port to an Access Control List 3-106

Filtering IP Addresses for Management Access 3-107

Port Configuration 3-110

Displaying Connection Status 3-110

Configuring Interface Connections 3-112

Creating Trunk Groups 3-114

Statically Configuring a Trunk 3-115

Enabling LACP on Selected Ports 3-116

Configuring LACP Parameters 3-118

Displaying LACP Port Counters 3-120

Displaying LACP Settings and Status for the Local Side 3-122

Displaying LACP Settings and Status for the Remote Side 3-124

Setting Broadcast Storm Thresholds 3-125

Configuring Port Mirroring 3-127

Configuring Rate Limits 3-128

Rate Limit Configuration 3-128

Showing Port Statistics 3-129

Address Table Settings 3-133

Contents

iv

Setting Static Addresses 3-133

Displaying the Address Table 3-134

Changing the Aging Time 3-136

Spanning Tree Algorithm Configuration 3-136

Displaying Global Settings 3-138

Configuring Global Settings 3-141

Displaying Interface Settings 3-144

Configuring Interface Settings 3-147

Configuring Multiple Spanning Trees 3-149

Displaying Interface Settings for MSTP 3-151

Configuring Interface Settings for MSTP 3-153

VLAN Configuration 3-155

IEEE 802.1Q VLANs 3-155

Enabling or Disabling GVRP (Global Setting) 3-158

Displaying Basic VLAN Information 3-159

Displaying Current VLANs 3-159

Creating VLANs 3-161

Adding Static Members to VLANs (VLAN Index) 3-162

Adding Static Members to VLANs (Port Index) 3-164

Configuring VLAN Behavior for Interfaces 3-165

Configuring IEEE 802.1Q Tunneling 3-167

Enabling QinQ Tunneling on the Switch 3-170

Adding an Interface to a QinQ Tunnel 3-172

Private VLANs 3-173

Displaying Current Private VLANs 3-174

Configuring Private VLANs 3-175

Associating VLANs 3-176

Displaying Private VLAN Interface Information 3-177

Configuring Private VLAN Interfaces 3-178

Protocol VLANs 3-179

Protocol VLAN Group Configuration 3-179

Protocol VLAN System Configuration 3-180

Link Layer Discovery Protocol 3-181

Setting LLDP Timing Attributes 3-181

Configuring LLDP Interface Attributes 3-183

Displaying LLDP Local Device Information 3-186

Displaying LLDP Remote Port Information 3-187

Displaying LLDP Remote Information Details 3-188

Displaying Device Statistics 3-189

Displaying Detailed Device Statistics 3-190

Class of Service Configuration 3-191

Layer 2 Queue Settings 3-191

Setting the Default Priority for Interfaces 3-191

Mapping CoS Values to Egress Queues 3-192

Enabling CoS 3-194

Contents

v

Selecting the Queue Mode 3-195

Setting the Service Weight for Traffic Classes 3-195

Layer 3/4 Priority Settings 3-196

Mapping Layer 3/4 Priorities to CoS Values 3-196

Enabling IP DSCP Priority 3-197

Mapping DSCP Priority 3-198

Quality of Service 3-199

Configuring Quality of Service Parameters 3-200

Configuring a Class Map 3-200

Creating QoS Policies 3-203

Attaching a Policy Map to Ingress Queues 3-206

VoIP Traffic Configuration 3-207

Configuring VoIP Traffic 3-207

Configuring VoIP Traffic Port 3-208

Configuring Telephony OUI 3-210

Multicast Filtering 3-212

Layer 2 IGMP (Snooping and Query) 3-212

Configuring IGMP Snooping and Query Parameters 3-213

Enabling IGMP Immediate Leave 3-215

Displaying Interfaces Attached to a Multicast Router 3-216

Specifying Static Interfaces for a Multicast Router 3-217

Displaying Port Members of Multicast Services 3-218

Assigning Ports to Multicast Services 3-219

IGMP Filtering and Throttling 3-220

Enabling IGMP Filtering and Throttling 3-221

Configuring IGMP Filter Profiles 3-222

Configuring IGMP Filtering and Throttling for Interfaces 3-223

Multicast VLAN Registration 3-225

Configuring Global MVR Settings 3-226

Displaying MVR Interface Status 3-227

Displaying Port Members of Multicast Groups 3-228

Configuring MVR Interface Status 3-229

Assigning Static Multicast Groups to Interfaces 3-231

DHCP Snooping 3-232

DHCP Snooping Configuration 3-233

DHCP Snooping VLAN Configuration 3-233

DHCP Snooping Information Option Configuration 3-234

DHCP Snooping Port Configuration 3-235

DHCP Snooping Binding Information 3-236

IP Source Guard 3-237

IP Source Guard Port Configuration 3-237

Static IP Source Guard Binding Configuration 3-238

Dynamic IP Source Guard Binding Information 3-239

IP Clustering 3-240

Cluster Configuration 3-241

Contents

vi

Cluster Member Configuration 3-242

Cluster Member Information 3-243

Cluster Candidate Information 3-243

UPnP 3-245

UPnP Configuration 3-245

Chapter 4: Command Line Interface 4-1

Using the Command Line Interface 4-1

Accessing the CLI 4-1

Console Connection 4-1

Telnet Connection 4-2

Entering Commands 4-3

Keywords and Arguments 4-3

Minimum Abbreviation 4-3

Command Completion 4-3

Getting Help on Commands 4-3

Showing Commands 4-4

Partial Keyword Lookup 4-6

Negating the Effect of Commands 4-6

Using Command History 4-6

Understanding Command Modes 4-6

Exec Commands 4-7

Configuration Commands 4-8

Command Line Processing 4-10

Command Groups 4-11

Line Commands 4-12

line 4-13

login 4-13

password 4-14

timeout login response 4-15

exec-timeout 4-15

password-thresh 4-16

silent-time 4-17

databits 4-17

parity 4-18

speed 4-19

stopbits 4-19

disconnect 4-20

show line 4-20

General Commands 4-21

enable 4-21

disable 4-22

configure 4-23

show history 4-23

Contents

vii

reload 4-24

reload cancel 4-24

show reload 4-25

end 4-25

exit 4-26

quit 4-26

System Management Commands 4-27

Device Designation Commands 4-27

prompt 4-27

hostname 4-28

Banner 4-28

banner configure 4-29

banner configure company 4-30

banner configure dc-power-info 4-31

banner configure department 4-31

banner configure equipment-info 4-32

banner configure equipment-location 4-33

banner configure ip-lan 4-33

banner configure lp-number 4-34

banner configure manager-info 4-35

banner configure mux 4-35

banner configure note 4-36

show banner 4-37

User Access Commands 4-38

username 4-38

enable password 4-39

IP Filter Commands 4-40

management 4-40

show management 4-41

Web Server Commands 4-42

ip http port 4-42

ip http server 4-42

ip http secure-server 4-43

ip http secure-port 4-44

Telnet Server Commands 4-45

ip telnet port 4-45

ip telnet server 4-45

Secure Shell Commands 4-46

ip ssh server 4-48

ip ssh timeout 4-49

ip ssh authentication-retries 4-49

ip ssh server-key size 4-50

delete public-key 4-50

ip ssh crypto host-key generate 4-51

ip ssh crypto zeroize 4-51

Contents

viii

ip ssh save host-key 4-52

show ip ssh 4-52

show ssh 4-53

show public-key 4-54

Event Logging Commands 4-55

logging on 4-55

logging history 4-56

logging host 4-57

logging facility 4-57

logging trap 4-58

clear logging 4-58

show logging 4-59

show log 4-60

SMTP Alert Commands 4-61

logging sendmail host 4-61

logging sendmail level 4-62

logging sendmail source-email 4-63

logging sendmail destination-email 4-63

logging sendmail 4-64

show logging sendmail 4-64

Time Commands 4-65

sntp client 4-65

sntp server 4-66

sntp poll 4-67

show sntp 4-67

ntp client 4-68

ntp server 4-69

ntp poll 4-70

ntp authenticate 4-70

ntp authentication-key 4-71

show ntp 4-72

clock timezone-predefined 4-72

clock timezone 4-73

clock summer-time (date) 4-74

clock summer-time (predefined) 4-75

clock summer-time (recurring) 4-76

calendar set 4-77

show calendar 4-77

System Status Commands 4-78

show startup-config 4-78

show running-config 4-79

show system 4-82

show users 4-82

show version 4-83

Frame Size Commands 4-84

Contents

ix

jumbo frame 4-84

Flash/File Commands 4-85

copy 4-85

delete 4-88

dir 4-89

whichboot 4-90

boot system 4-90

Authentication Commands 4-91

Authentication Sequence 4-91

authentication login 4-92

authentication enable 4-93

RADIUS Client 4-94

radius-server host 4-95

radius-server acct-port 4-95

radius-server auth-port 4-96

radius-server key 4-96

radius-server retransmit 4-97

radius-server timeout 4-97

show radius-server 4-97

TACACS+ Client 4-98

tacacs-server host 4-98

tacacs-server port 4-99

tacacs-server key 4-99

tacacs-server retransmit 4-100

tacacs-server timeout 4-100

show tacacs-server 4-101

AAA Commands 4-102

aaa group server 4-102

server 4-103

aaa accounting dot1x 4-103

aaa accounting exec 4-104

aaa accounting commands 4-105

aaa accounting update 4-106

accounting dot1x 4-107

accounting exec 4-107

accounting commands 4-108

aaa authorization exec 4-108

authorization exec 4-109

show accounting 4-110

Port Security Commands 4-111

port security 4-111

802.1X Port Authentication 4-112

dot1x system-auth-control 4-113

dot1x default 4-113

dot1x max-req 4-114

Contents

x

dot1x port-control 4-114

dot1x operation-mode 4-115

dot1x re-authenticate 4-115

dot1x re-authentication 4-116

dot1x timeout quiet-period 4-116

dot1x timeout re-authperiod 4-117

dot1x timeout tx-period 4-117

dot1x intrusion-action 4-118

show dot1x 4-118

Network Access – MAC Address Authentication 4-121

network-access mode 4-121

network-access max-mac-count 4-122

mac-authentication intrusion-action 4-123

mac-authentication max-mac-count 4-123

network-access dynamic-qos 4-124

network-access dynamic-vlan 4-124

network-access guest-vlan 4-125

network-access link-detection 4-125

network-access link-detection link-down 4-126

network-access link-detection link-up 4-126

network-access link-detection link-up-down 4-127

mac-authentication reauth-time 4-127

clear network-access 4-128

show network-access 4-128

show network-access mac-address-table 4-129

Web Authentication 4-130

web-auth login-attempts 4-131

web-auth login-fail-page-url 4-131

web-auth login-page-url 4-132

web-auth login-success-page-url 4-132

web-auth quiet-period 4-133

web-auth session-timeout 4-133

web-auth system-auth-control 4-134

web-auth 4-134

show web-auth 4-135

show web-auth interface 4-135

web-auth re-authenticate (Port) 4-136

web-auth re-authenticate (IP) 4-136

show web-auth summary 4-137

Access Control List Commands 4-139

IP ACLs 4-140

access-list ip 4-140

permit, deny (Standard ACL) 4-141

permit, deny (Extended ACL) 4-141

show ip access-list 4-143

Contents

xi

ip access-group 4-143

show ip access-group 4-144

MAC ACLs 4-144

access-list mac 4-145

permit, deny (MAC ACL) 4-146

show mac access-list 4-147

mac access-group 4-148

show mac access-group 4-148

ACL Information 4-149

show access-list 4-149

show access-group 4-149

SNMP Commands 4-150

snmp-server 4-151

show snmp 4-151

snmp-server community 4-152

snmp-server contact 4-153

snmp-server location 4-153

snmp-server host 4-154

snmp-server enable traps 4-156

snmp-server engine-id 4-157

show snmp engine-id 4-158

snmp-server view 4-159

show snmp view 4-160

snmp-server group 4-160

show snmp group 4-161

snmp-server user 4-163

show snmp user 4-165

Interface Commands 4-166

interface 4-166

description 4-167

speed-duplex 4-167

negotiation 4-168

capabilities 4-169

flowcontrol 4-170

shutdown 4-171

switchport packet-rate 4-172

clear counters 4-172

show interfaces status 4-173

show interfaces counters 4-174

show interfaces switchport 4-175

Mirror Port Commands 4-177

port monitor 4-177

show port monitor 4-178

Rate Limit Commands 4-179

rate-limit 4-179

Contents

xii

Link Aggregation Commands 4-180

channel-group 4-181

lacp 4-182

lacp system-priority 4-183

lacp admin-key (Ethernet Interface) 4-184

lacp admin-key (Port Channel) 4-185

lacp port-priority 4-186

show lacp 4-186

Address Table Commands 4-190

mac-address-table static 4-190

clear mac-address-table dynamic 4-191

show mac-address-table 4-191

mac-address-table aging-time 4-192

show mac-address-table aging-time 4-193

LLDP Commands 4-193

lldp 4-195

lldp holdtime-multiplier 4-195

lldp medFastStartCount 4-196

lldp notification-interval 4-196

lldp refresh-interval 4-197

lldp reinit-delay 4-198

lldp tx-delay 4-198

lldp admin-status 4-199

lldp notification 4-199

lldp mednotification 4-200

lldp basic-tlv management-ip-address 4-201

lldp basic-tlv port-description 4-201

lldp basic-tlv system-capabilities 4-202

lldp basic-tlv system-description 4-202

lldp basic-tlv system-name 4-203

lldp dot1-tlv proto-ident 4-203

lldp dot1-tlv proto-vid 4-204

lldp dot1-tlv pvid 4-204

lldp dot1-tlv vlan-name 4-205

lldp dot3-tlv link-agg 4-205

lldp dot3-tlv mac-phy 4-206

lldp dot3-tlv max-frame 4-206

lldp dot3-tlv poe 4-207

lldp medtlv extpoe 4-207

lldp medtlv inventory 4-208

lldp medtlv location 4-208

lldp medtlv med-cap 4-209

lldp medtlv network-policy 4-209

show lldp config 4-210

show lldp info local-device 4-212

Contents

xiii

show lldp info remote-device 4-213

show lldp info statistics 4-213

UPnP Commands 4-215

upnp device 4-215

upnp device ttl 4-216

upnp device advertise duration 4-216

show upnp 4-217

Spanning Tree Commands 4-217

spanning-tree 4-218

spanning-tree mode 4-219

spanning-tree forward-time 4-220

spanning-tree hello-time 4-221

spanning-tree max-age 4-221

spanning-tree priority 4-222

spanning-tree pathcost method 4-222

spanning-tree transmission-limit 4-223

spanning-tree mst-configuration 4-223

mst vlan 4-224

mst priority 4-225

name 4-225

revision 4-226

max-hops 4-226

spanning-tree spanning-disabled 4-227

spanning-tree cost 4-227

spanning-tree port-priority 4-228

spanning-tree edge-port 4-229

spanning-tree portfast 4-230

spanning-tree link-type 4-231

spanning-tree loopback-detection 4-231

spanning-tree loopback-detection release-mode 4-232

spanning-tree loopback-detection trap 4-233

spanning-tree mst cost 4-233

spanning-tree mst port-priority 4-234

spanning-tree protocol-migration 4-235

show spanning-tree 4-235

show spanning-tree mst configuration 4-237

VLAN Commands 4-238

GVRP and Bridge Extension Commands 4-238

bridge-ext gvrp 4-239

show bridge-ext 4-239

switchport gvrp 4-240

show gvrp configuration 4-240

garp timer 4-241

show garp timer 4-241

Editing VLAN Groups 4-242

Contents

xiv

vlan database 4-242

vlan 4-243

Configuring VLAN Interfaces 4-244

interface vlan 4-244

switchport mode 4-245

switchport acceptable-frame-types 4-246

switchport ingress-filtering 4-246

switchport native vlan 4-247

switchport allowed vlan 4-248

switchport forbidden vlan 4-249

Displaying VLAN Information 4-250

show vlan 4-250

Configuring IEEE 802.1Q Tunneling 4-251

dot1q-tunnel system-tunnel-control 4-251

switchport dot1q-tunnel mode 4-252

switchport dot1q-tunnel tpid 4-253

show dot1q-tunnel 4-253

Configuring Private VLANs 4-254

private-vlan 4-256

private vlan association 4-256

switchport mode private-vlan 4-257

switchport private-vlan host-association 4-258

switchport private-vlan isolated 4-258

switchport private-vlan mapping 4-259

show vlan private-vlan 4-259

Configuring Protocol-based VLANs 4-261

protocol-vlan protocol-group (Configuring Groups) 4-261

protocol-vlan protocol-group (Configuring VLANs) 4-262

show protocol-vlan protocol-group 4-263

show protocol-vlan protocol-group-vid 4-263

Priority Commands 4-264

Priority Commands (Layer 2) 4-264

queue mode 4-265

switchport priority default 4-265

queue bandwidth 4-266

queue cos-map 4-267

show queue mode 4-268

show queue bandwidth 4-268

show queue cos-map 4-269

Priority Commands (Layer 3 and 4) 4-269

map ip dscp (Global Configuration) 4-269

map ip dscp (Interface Configuration) 4-270

show map ip dscp 4-271

Quality of Service Commands 4-272

class-map 4-273

Page is loading ...

Accton Technology ES3528M-SFP User manual

Related papers

Other documents